January 2006 - Posts

SOx

I received an advertisement brochure recently. Prominently displayed on a front page was section was this eye-catching question: "Is compliance taking over your life?"

I responded (out loud, even): "Not anymore."

It occurred to me how less stressed my professional life is now that I am working for a private firm. The stress from my former Fortune 500 corporate experience was due in large part to Sarbanes-Oxley compliance - or rather the interpretation of Sarbanes-Oxley compliance.

Whether you agree with the legislation or not, most admit there was clearly a need to do something in response to the WorldCom and Enron scandals. So, something was done. Personally, I believe the legislation attacks the wrong side of the equation for this reason: there were already laws on the books to address the crimes committed at these corporations. If Congress truly wants to protect investors, educate them. And if Congress simply must pass a new law, pass legislation requiring investors become certified before being allowed to invest in publicly traded companies. (Step 1: A DVD of me pointing at the camera, screaming "YOU CAN LOSE ALL YOUR MONEY IF YOU PUT IT IN THE STOCK MARKET... ALL OF IT!!! DO YOU UNDERSTAND?!?" Step 2: Sign the document acknowledging you understand what you learned at Andy's School of Investing.)

But I digress...

While I was enduring the stresses placed upon a sole database administrator group manager by internal auditors, a colleague mused: "Those can, do. Those who cannot, teach. And those who cannot do or teach, audit." That was mean (...apologies to all my auditing readers out there...), but I think I understand the underlying sentiment.

Given the tools on hand, we were faced with unpleasant choices:

  1. Cease supporting business operations. It was simply not possible to comply and execute DBA tasks required to keep the business running. Without naming industries, companies, or names, ceasing support would have meant hardship to thousands of people already enduring enough hardship and economic loss to literally thousands of others.
  2. Refuse to comply. Which would have solved several stressful issues but created a few more - such as how to pay the bills, eat, etc.
  3. Lie. I could break my personal code of ethics and possibly the law of the land, and misrepresent the facts of the matter.
  4. Be honest. And take the ensuing whoopin'.

I chose to be honest. My reward was pressure from every imaginable angle.

From business, sales, and accounting, "Why can't you just comply and end all this?"

From auditors, "We will have to report this to _____. They will open an incident. It will be filed with the SEC. It will be made public."

From executives, "Make this go away."

It was ugly. And it all stems from an open season on business data. Heck, the auditors at my former employer were reaching into the personal development databases of developer workstations. I understand some of it, but not all.

I'm interested in your thoughts on the matter. Have any of you had similar experiences with SOx compliance?

:{> Andy

posted Wednesday, January 18, 2006 6:22 PM by admin with 3 Comments

Echoing some thanks

In his excellent blog, my friend and co-author Haidong Ji thanks Andy, Brian, and Steve for SQLServerCentral.com. I second the sentiment! We, the SQL Server community, are indeed fortunate to count them among us. The innovation and vision offered by Andy, Brian, and Steve (listed in alphabetical order here...) in creating and maintaining the SQLServerCentral community often goes unnoticed - which is itself a testament to their hard work and diligence.

In short, thanks guys!

:{> Andy

posted Tuesday, January 17, 2006 6:21 PM by admin with 0 Comments

February speaking engagements

I will be delivering a Beginning SSIS Development presentation at the Baltimore SQL Server User Group meeting 1 Feb 2006, and at the Hampton Roads SQL Server User Group 16 Feb 2006.

Beginning SSIS Development covers:
 - Introduction to the new SSIS Integrated Development Environment
 - Control Flow and Data Flow discussion
 - An overview of controls, connections, and package flow
 - Troubleshooting techniques
 - A demonstration (or two, depending on time)
 
Details and directions are available at the respective websites. They should be fun evenings - I always enjoy presentations! If you're in the area and read this blog, stop by and introduce yourself!
 
:{> Andy
posted Wednesday, January 11, 2006 6:20 PM by admin with 0 Comments

What motivates you?

Thomas Edison said "Genius is 10% inspiration and 90% perspiration." (Edison was a renowned workaholic... in competition most of his career with another type of genius, Nikola Tesla...)

Is this accurate in modern IT? If so, what motivates you to put forth that 90%?

Is it money? fame? the rush that accompanies watching your efforts execute in Production?

I've created a thread in the forums for responses.

:{> Andy

posted Wednesday, January 11, 2006 6:19 PM by admin with 0 Comments

Production Virtual Servers?

I recently documented building a virtual server for use with the Team Foundation Server Dec 2005 CTP. It was a lot of fun / work - and it's documented at VSTeamSystemCentral.com.

An opportunity at work prompted use of another virtual server to facilitate a data-transformation-intense software migration. In order to make this particular migration work, I needed to install an old ODBC driver. I did not have access to the driver installation - apart from installing a suite of software products purchased back in the day. I needed to land the migrated data on an existing test server and I did not want to corrupt other software currently installed there.

So... I built a VPC, installed Windows and SQL Server 2k. I loaded the legacy software package, which installed the driver, then built some DTS packages to migrate the data from the source to my target server. Voila!

It's worked wonderfully. Among the many benefits is the low impact to our existing Development / Test environment.

This experience - coupled with clustering functionality built into Virtual Server 2005 R2 - has me seriously considering Production Virtual Servers. Thoughts?

:{> Andy

posted Tuesday, January 10, 2006 6:18 PM by admin with 0 Comments

Gatekeeper or Roadblock?

Which are you? Gatekeeper or roadblock? ... or none of the above?

When it comes to database work, both stop "things" from occurring. Here's a couple/three questions I ask myself when my knee begins its pre-jerk twitch:

1. Are we in the data-protection business? Does this business in general - and my job specifically - exist solely to guard this data from everyone? I am still quoted at a manufacturing facility. I once said to a network engineer: "I understand, we're a network company. Apologies if all these ____-making efforts are getting in your way." (... for some reason, I no longer work in manufacturing...)

2. Does this request support or provide business value? Not: Is it a duplication of data? or even: Does it violate 3rd normal form?

3. Perhaps the most important question when I truly disagree with the request (which is rare, mind you): Is this battle worth fighting?

I consider myself a little of both gatekeeper and roadblock, at times. Mostly, I see my DBA role in the IT department as facilitator. When someone shows up with a request, I endeavor to help them succeed.

How about you?

:{> Andy

posted Friday, January 06, 2006 6:16 PM by admin with 4 Comments

More on Leadership...

Found a great article on Everyday Leadership.

:{> Andy

posted Thursday, January 05, 2006 6:16 PM by admin with 0 Comments